
<?php

session_start();
$a=$_POST['yan'];
$b=($_SESSION['yan']);
$user=$_POST['user'];
$pwd=md5($_POST['pwd']);
include_once($_SERVER['DOCUMENT_ROOT'].'/public/func.php');
$config = include_once($_SERVER['DOCUMENT_ROOT'].'/public/config.php');
	$user=$_POST['user'];
	$pwd=($_POST['pwd']);
	if ($a!=$b) {
		echo "<script>alert('验证码错误！');</script>";
		echo "<script>window.location='login.php'</script>";die;
	}
	if(($user=='')||($_POST['pwd']==''))
	{
		echo "<script>alert('账号、密码都不能为空！');</script>";
		echo "<script>window.location='login.php'</script>";
		die;
	 }
	$qal = sel($config,'`users`','where username='.$user.' and userpass='.$pwd.'');

  if(is_array($qal)&&(empty($qal)==false)){
		$_SESSION['islogin']=1;
		$_SESSION['user']=$user;

		echo '<script>alert("登录成功");</script>
				<script>window.location.href="/home/index.php"</script>';
	}
	else{
		echo "<script>alert('登录失败');</script>
		<script>window.location.href='login.php'</script>";
	}
	
?>
<meta charset="UTF-8">